juhanakristian / remix-auth-microsoft

Microsoft authentication strategy for remix-auth
MIT License
37 stars 19 forks

Question: Recommended method for validating membership #21

Closed Filmtangent closed 1 year ago

Filmtangent commented 1 year ago

Hi there,

I have been able to get the basic authentication flow working. But I am wondering if there is a recommended way of siloing users based on their properties based on additional claims.

For instance, if I need to provide users with specific roles within the application through the use of security groups. Is this something that is possible at this time, or should I simply run Graph API requests and append my user as part of the strategy return?

Thanks

Filmtangent commented 1 year ago

I ended up using the information from this issue (#20) and pushing the idToken to the cookie.

Both the id and the access token are too large to fit in the cookie, but the idToken and the refreshToken will fit. So the access token can be re-fetched as needed.

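// Verify callback passed to the strategy; its return value becomes the session user.
async ({ refreshToken, extraParams, profile }) => {
  // jwtDecode only decodes the token payload; it does not verify the signature.
  const decodedClaims: IDToken = jwtDecode(extraParams.id_token);
  return {
    idToken: extraParams.id_token,
    roles: decodedClaims.roles,
    upn: decodedClaims.preferred_username,
    name: profile.displayName,
  };
}
); // closes the enclosing strategy constructor call, which is not shown here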
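A role gate over the decoded ID token claims stored by the callback above, as an added example that is not part of the original thread or of remix-auth-microsoft. The `authorize` function, the `Policy` shape, the role name and all IDs are hypothetical and constructed. It assumes the token's signature was already validated or the token came directly from the token endpoint.

```typescript
// Added example: decide access from decoded ID token claims.
// Claim names follow the snippet above (roles, preferred_username) plus the
// standard aud, tid and exp claims. Every value below is constructed.
interface IdTokenClaims {
  aud: string;
  tid: string;
  exp: number; // seconds since epoch
  preferred_username?: string;
  roles?: string[]; // may be absent when the user has no app role assigned
}

interface Policy {
  clientId: string; // hypothetical: the app registration's client ID
  tenantId: string; // hypothetical: the only tenant accepted
  requiredRole: string;
}

type Decision =
  | { allowed: true; upn: string }
  | { allowed: false; reason: string };

function authorize(claims: IdTokenClaims, policy: Policy, nowMs: number = Date.now()): Decision {
  // Reject tokens minted for another application or another tenant.
  if (claims.aud !== policy.clientId) return { allowed: false, reason: "wrong audience" };
  if (claims.tid !== policy.tenantId) return { allowed: false, reason: "wrong tenant" };
  // Roles copied into a session outlive the token unless expiry is re-checked.
  if (typeof claims.exp !== "number" || claims.exp * 1000 <= nowMs) {
    return { allowed: false, reason: "token expired" };
  }
  // A missing or malformed roles claim means "no roles", never a wildcard.
  const roles = Array.isArray(claims.roles) ? claims.roles : [];
  if (!roles.includes(policy.requiredRole)) return { allowed: false, reason: "missing role" };
  return { allowed: true, upn: claims.preferred_username ?? "" };
}

// Constructed sample data.
const NOW_MS = 1700000000000;
const samplePolicy: Policy = {
  clientId: "00000000-0000-0000-0000-0000000000aa",
  tenantId: "00000000-0000-0000-0000-0000000000bb",
  requiredRole: "Reports.Admin",
};
const adminClaims: IdTokenClaims = {
  aud: samplePolicy.clientId, tid: samplePolicy.tenantId, exp: 1700003600,
  preferred_username: "alice@example.com", roles: ["Reports.Admin"],
};
const noRoleClaims: IdTokenClaims = { ...adminClaims, roles: undefined };
const expiredClaims: IdTokenClaims = { ...adminClaims, exp: 1699990000 };
const otherTenantClaims: IdTokenClaims = { ...adminClaims, tid: "00000000-0000-0000-0000-0000000000cc" };
```

Run the check on every request that depends on the role, not only at login, so an expired token stops granting access.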